[GEMINI-HARDEN-01] Replace hard-coded fleet inventory with repo-native config #433

New Issue

Open

opened 2026-04-09 14:32:35 +00:00 by Timmy · 0 comments

Timmy commented 2026-04-09 14:32:35 +00:00

Owner

Copy Link

Parent epic: #432

Why
Merged suite code currently embeds fleet topology and path assumptions directly in Python:

• scripts/fleet_llama.py, scripts/self_healing.py, scripts/telemetry.py, and scripts/agent_dispatch.py contain routable IP literals.
• scripts/agent_dispatch.py assumes /opt/hermes.
• scripts/skill_installer.py assumes ../hermes-agent.

That makes the suite non-portable, violates the linter's own "no hardcoded IPs" doctrine, and couples operational truth to scattered script literals.

Acceptance criteria

• One inventory/config source in timmy-config defines hostnames/domains, ports, roles, local/remote path contracts, and per-host capabilities.
• Scripts load inventory/config from that source instead of hard-coded literals.
• No routable IP literals remain in scripts/*.py; only documented loopback/listen-address exceptions are allowed.
• No workstation-specific or install-specific repo paths remain in code; local-vs-remote paths are explicit config.
• scripts/README.md documents the inventory contract and override mechanism.

Related

• [EPIC] Harden Gemini Sovereign Infrastructure Suite after merge #418 (#432)
• [OPS] Restore verified admin SSH access to Allegro VPS for fleet maintenance (#290)
• [ORCHESTRATOR-2] Build agent dispatcher — route issues to the right agent (#356)
• PR [EPIC] Gemini — Sovereign Infrastructure Suite Implementation (#418)

Parent epic: #432 Why Merged suite code currently embeds fleet topology and path assumptions directly in Python: - `scripts/fleet_llama.py`, `scripts/self_healing.py`, `scripts/telemetry.py`, and `scripts/agent_dispatch.py` contain routable IP literals. - `scripts/agent_dispatch.py` assumes `/opt/hermes`. - `scripts/skill_installer.py` assumes `../hermes-agent`. That makes the suite non-portable, violates the linter's own "no hardcoded IPs" doctrine, and couples operational truth to scattered script literals. Acceptance criteria - One inventory/config source in `timmy-config` defines hostnames/domains, ports, roles, local/remote path contracts, and per-host capabilities. - Scripts load inventory/config from that source instead of hard-coded literals. - No routable IP literals remain in `scripts/*.py`; only documented loopback/listen-address exceptions are allowed. - No workstation-specific or install-specific repo paths remain in code; local-vs-remote paths are explicit config. - `scripts/README.md` documents the inventory contract and override mechanism. Related - #432 - #290 - #356 - PR #418

Timmy added the enhancement label 2026-04-09 14:32:35 +00:00

Timmy referenced this issue 2026-04-09 14:32:42 +00:00

[EPIC] Harden Gemini Sovereign Infrastructure Suite after merge #418 #432

Timmy referenced this issue 2026-04-09 14:32:43 +00:00

[OPS] Restore verified admin SSH access to Allegro VPS for fleet maintenance #290

Timmy referenced this issue 2026-04-09 14:32:44 +00:00

[ORCHESTRATOR-2] Build agent dispatcher — route issues to the right agent #356

bezalel was assigned by Timmy 2026-04-09 15:15:16 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

burn/20260410-0712-config-validator

burn/20260410-0621-451-pr-template

perplexity/fleet-behaviour-hardening

timmy/v7.0.0-checkin

ansible-iac

burn/20260409-1247-self-healing-safe

timmy/deadman-fallback

burn/20260409-1926-linter-v2

burn/20260410-0018-451-pr-template

burn/20260409-1923-ssh-trust

timmy/pr-proof-template

perplexity/purge-anthropic

burn/20260409-1240-cli-test-harness

perplexity/ci-validation-pipeline

allegro/m2-commit-or-abort-845

feat/gemini-epic-398-1775648372708

feat/gemini-epic-398-1775648300443

perplexity/pr-checklist-ci

perplexity/soul-md-disambiguation

perplexity/wire-enforcer-sovereign-store

perplexity/mempalace-architecture-doc

timmy/fleet-phase3-5

feat/bezalel-wizard-sidecar-v2

timmy/gallery-submission

perplexity/sovereign-memory-store

timmy/sovereign-orchestrator-v1

groq/issue-371

harden-soul-anti-claude

timmy/mempalace-integration

timmy/fleet-capacity-inventory

timmy/orchestrator-fix

ezra/issue-358

timmy/fleet-resources-tracker

timmy/japanese-wisdom-guards

master

codex/workflow-pr-review

backup/main-before-reset-20260328-000322

gemini/issue-20

gemini/issue-21

gemini/issue-22

gemini/issue-9

gemini/issue-10

gemini/issue-11

gemini/issue-12

gemini/issue-13

manus/dpo-data-pipeline

feature/dpo-training-pipeline

v7.0.0

Golden-Allegro-v6-Sonnet4

burnup-20260405-infra

SonOfTimmy-v5-FINAL

SonOfTimmy-v4

GoldenRockachopa

pre-agent-workers-v1

Labels

Clear labels

assigned-claw-code

Queued for Code Claw (qwen/openrouter)

assigned-kimi

Dispatched to Kimi via OpenClaw

assigned-sonnet

claw-code-done

Code Claw completed this task

claw-code-in-progress

Code Claw is actively working

enhancement

epic

kimi-done

Kimi completed this task

kimi-in-progress

Kimi is actively working on this

lazzyPit

Lazarus Pit automated recovery system

research

sonnet-ready

velocity-engine

Auto-generated by velocity engine

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

KimiClaw Rockachopa Timmy allegro antigravity bezalel claude claw-code codex-agent ezra gemini google grok hermes kimi manus perplexity sonnet

No Assignees bezalel

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Timmy_Foundation/timmy-config#433